3241 matches found
Google Chrome < 17.0.963.65 Multiple Vulnerabilities
Binary data 800899.prm...
chromium -- multiple vulnerabilities
Google Chrome Releases reports: 105867 High CVE-2011-3031: Use-after-free in v8 element wrapper. Credit to Chamal de Silva. 108037 High CVE-2011-3032: Use-after-free in SVG value handling. Credit to Arthur Gerkis. 108406 115471 High CVE-2011-3033: Buffer overflow in the Skia drawing library. Cred...
Moderate: Red Hat Security Advisory: kvm security and bug fix update
Updated kvm packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity...
TORCS 1.3.2 - .xml File Buffer Overflow SafeSEH Evasion
TORCS 1.3.2 - .xml File Buffer Overflow SafeSEH Evasion / Exploit Title: TORCS Research Team Division Author: Andres Gomez and David Mora a.k.a Mighty-D ... Pwn and beans! Software Link: http://torcs.sourceforge.net/ Version: torcs 1.3.2 Vendor notified: 03/02/2012 Tested on: Windows XP Service...
TORCS 1.3.2 - '.xml' File Buffer Overflow /SafeSEH Evasion
/ Exploit Title: TORCS Research Team Division Author: Andres Gomez and David Mora a.k.a Mighty-D ... Pwn and beans! Software Link: http://torcs.sourceforge.net/ Version: torcs 1.3.2 Vendor notified: 03/02/2012 Tested on: Windows XP Service Pack 3 Spanish CVE : / / Create template.xml file see and...
Unfixed XSS vulnerability at www.kued.org
Security researcher Atmon3r submitted on 18/12/2011 a cross-site scripting (XSS) vulnerability affecting www.kued.org, which at the time of submission ranked 769349 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 20/12/2011. It is currently...
Debian DSA-2338-1 : moodle - several vulnerabilities
Several cross-site scripting and information disclosure issues have been fixed in Moodle, a course management system for online learning: - MSA-11-0020 Continue links in error messages can lead offsite - MSA-11-0024 reCAPTCHA images were being authenticated from an older server - MSA-11-0025 Gro...
SQL injection
SQL injection vulnerability in index.php in esoftpro Online Photo Pro 2.0 allows remote attackers to execute arbitrary SQL commands via the section parameter...
CVE-2010-4999
SQL injection vulnerability in index.php in esoftpro Online Photo Pro 2.0 allows remote attackers to execute arbitrary SQL commands via the section parameter...
How to manually test hotadd functionality
Purpose This article documents the procedure for manually performing hotadd to test whether a Veeam Backup Proxy can attach a VM's base disks. Solution Requirements and Limitations Before testing, review Virtual Appliance HOTADD Requirements and Limitations Review KB1054:Appliance Mode Hotadd...
bash security, bug fix, and enhancement update
3.2-32 - Dont include backup files Resolves: 700157 3.2-31 - Use 'mktemp' for temporary files Resolves: 700157 3.2-30 - Added man page references to systemwide .bashlogout Resolves: 592979 3.2-29 - Readline glitch, when editing line with more spaces and resizing window Resolves: 525474 3.2-28 - F...
Apple Safari Multiple Vulnerabilities - July 2011
The host is installed with Apple Safari web browser and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodapplesafarimultvulnjuly11.nasl 7024 2017-08-30 11:51:43Z teissa $ Apple Safari Multiple Vulnerabilities - July 2011 Authors: Sooraj KS Copyright: Copyright (c) 2011...
BACS Demo Cross Site Scripting
BACS DEMO persistent XSS vulnerabilities vendor: www.bacsdemo.com Author: Karthik R 3psil0nLambDa Email: [email protected] My blog: epsilonlambda.co.cc Google dork: Copyright © 2009 Coupon codes Exploits: Persistent XSS vulnerability in the admin panel-static page-add new section. In html mo...
FreeBSD : mambo -- multiple SQL injection vulnerabilities (8a5770b4-54b5-11db-a5ae-00508d6a62df)
James Bercegay reports: Mambo is vulnerable to an Authentication Bypass issue that is due to a SQL Injection in the login function. The SQL Injection is possible because the $passwd variable is only sanitized when it is not passed as an argument to the function. Omid reports: There are several...
Web Browser - Remote Exploitation Session
Document Title: =============== Web Browser - Remote Exploitation Session References: =========== Download: http://www.vulnerability-lab.com/resources/videos/14.wmv View: http://www.youtube.com/watch?v=zSFJw9PMHU Release Date: ============= 2011-06-18 Vulnerability Laboratory ID VL-ID:...
Zeus Source Code Leaked
The source code to the infamous Zeus crimeware kit, which has been sold on underground forums for years, has been leaked and is now available for anyone to see if they know where to look. Security researchers over the weekend noticed that files that appeared to contain the source code for the Zeu...
Eventum Issue Tracking System 2.3.1 stored XSS
Exploit for php platform in category web applications Exploit Title: Eventum 2.3.1 stored XSS Date: 19-2-2011 Author: Saif El-Sherei Software Link: https://code.launchpad.net/eventum Version: Eventum 2.3.1 Tested on: FF 3.0.15, IE 8 Vendor notification: vendor notified, awaiting response Info:...
Eventum 2.3.1 Stored Cross Site Scripting
Exploit Title: Eventum 2.3.1 stored XSS Date: 19-2-2011 Author: Saif El-Sherei Software Link: download link if available Version: Eventum 2.3.1 Tested on: FF 3.0.15, IE 8 Vendor notification: vendor notified, awaiting response Info: Eventum is a user-friendly and flexible issue tracking system th...
eventum issue tracking system 2.3.1 - Persistent Cross-Site Scripting
Exploit Title: Eventum 2.3.1 stored XSS Date: 19-2-2011 Author: Saif El-Sherei Software Link: https://code.launchpad.net/eventum Version: Eventum 2.3.1 Tested on: FF 3.0.15, IE 8 Vendor notification: vendor notified, awaiting response Info: Eventum is a user-friendly and flexible issue tracking...
KLA12360 ACE vulnerability in Microsoft Windows
A code execution vulnerability was found in Microsoft Windows. Malicious users can exploit this vulnerability in Human Interface Device (HID) to execute arbitrary code. Original advisories CVE-2011-0638 Related products Microsoft-Windows-Vista Microsoft-Windows-Server-2012 Microsoft-Windows-8...